SoC: Admin Log Project Status

Michael Krax mk-samba at krax.net
Tue Jun 27 20:20:58 GMT 2006 

The first milestone is approaching quickly: here comes a small summary
of what is working now:

void admin_log_typeid(uint32 eventTypeId, uint16 priority,
		      NTSTATUS ntstatus_code,
		      const char *user, const char *machine,
		      const char *format_str, ...);
writes an entry to syslog, i.e.:

Jun 27 21:21:22 cat smbpasswd: 0x00080001 \\cat "" (passdb) Created user
root. NT Status: Success

(cat being the local hostname)

BTW. Code is available via (bzr branch)
http://people.samba.org/bzr/mkrax/samba-soc/. Perhaps I should provide
some other ressource too, like a diff. Jerry?

admin_log.h provides different macros around admin_log_typeid which
should be called by the other parts of samba, i.e.

	  ADMINLOG_NTSTATUS( ADMIN_LOG_EVENTID_DELETE_USER,
			     result,
			     ADMIN_LOG_LEVEL_INFORMATION,
			     get_current_username(),
			     get_local_machine_name(),
			     "Deleted user %s",
			     sam_acct->username ); (in pdb_interface.c)

get_current_username() does not provide what I hoped for, at least if
called by smbpasswd. I added further calls to ADMINLOG in
cli_netlogon.c:rpccli_netlogon_setup_creds (untested), in
loadparm.c:lp_load, in srv_spoolss.c:api_spoolss_addprinterex (untested).

The following configuration options are supported:
admin log = yes/no (enables or disables functionality)
admin log event types = all (or a list of types combined from debug
classes and admin log's own listing)
  i.e. admin log event types = passdb param
admin log levels = information warning error audit:success audit:failure
(default is error)
(admin log format = not yet supported)

I decided to use the DBG CLASS macros to get a initial list of types,
ADMINLOG does use the information automatically, but you can use another
macro to provide an ADMINLOG-specific event type (see the source :-).

I am rather content with the basic structure of admin_log.c. I am not
always happy with the links to the samba code base. I will get to you
with some specific questions in the next time. Basically, there are two
problems:
1) To find the right point to insert the call to ADMINLOG. In some
cases, there are probably multiple calls necessary.
2) To get the right params to pass to ADMINLOG (especially user and
machine name).

Thanks,
Michael

More information about the samba-technical mailing list